This is the compiler for the Flexible and Constant Time cryptographic programming language. FaCT is a domain-specific language that aids you in writing constant-time code for cryptographic routines that need to be free from timing side channels.
- Our paper
- Online demo using Compiler Explorer (source forked from mattgodbolt/compiler-explorer)
- FaCT case studies / evaluation
- Haskell embedding
- Python embedding
- Vim syntax files
To build the compiler, you can either build from source or download a pre-built release. We recommend building from source if possible.
You can download a VM image pre-configured for building the FaCT compiler and case studies.
The file fact.ova
should have a SHA256 sum of 089398c85c5074d911c2f2b67ca22df453235e8733f1eb283c71717cf70f714c
.
If you have docker installed, you can load our docker image with the build environment already installed:
cd docker/
./run.sh
Once inside the docker shell, run the following to finish setting up the environment:
cd FaCT/
eval $(opam config env)
FaCT is developed using OCaml 4.06.0 and LLVM 6.0.
Building FaCT has been tested on Ubuntu 16.04, 18.04, and macOS.
Ubuntu (16.04 & 18.04)
sudo apt install llvm-11 clang-11 cmake libgmp-dev m4 pkg-config
macOS
These instructions require Homebrew
brew install cmake gmp m4 pkg-config
brew install llvm@6 --with-toolchain
Note: This does not put the proper version of clang on your PATH
. You will need to run:
export PATH="$(brew --prefix llvm@6)/bin:$PATH"
We recommend installing the opam package manager to manage OCaml and package dependencies:
sh <(curl -sL https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh)
Then, install OCaml and the libraries:
opam init
eval $(opam config env)
opam switch create 4.06.0
eval $(opam config env)
opam switch import ocamlswitch.txt
Finally, make sure the Z3 lib is available to the OCaml compiler:
export LD_LIBRARY_PATH="$HOME/.opam/4.06.0/lib/z3:$LD_LIBRARY_PATH"
The FaCT compiler depends on the LLVM 11 toolchain at runtime,
and expects binaries with 11
suffixes.
Ensure that clang-11
is in your PATH:
clang-11 --version
You can now build the compiler:
oasis setup
make
This will produce the factc
executable.
Run ./factc <source files>
to compile a FaCT program.
FaCT is designed to be called from C code. Compiling FaCT source files will output an object file, which can then be linked to a C file. As an example:
cd example/
../factc -generate-header example.fact
clang-11 -c main.c
clang-11 -o final main.o example.o
You can then run the executable:
./final
Many debugging options and intermediate data structures are available. Run ./factc -help
for all options.
We thank the anonymous PLDI and PLDI AEC reviewers for their suggestions and insightful comments.